# Copyright 1999-2021 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2

EAPI=7

inherit pam pax-utils systemd xdg-utils

DESCRIPTION="Policy framework for controlling privileges for system-wide services"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit"
SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz"

LICENSE="LGPL-2"
SLOT="0"
KEYWORDS="amd64 arm arm64 ~mips ppc64 ~riscv ~s390 x86"
IUSE="examples gtk +introspection kde pam selinux systemd test"
#RESTRICT="!test? ( test )"
# Tests currently don't work with meson. See
#   https://gitlab.freedesktop.org/polkit/polkit/-/issues/144
RESTRICT="test"

BDEPEND="
	acct-user/polkitd
	app-text/docbook-xml-dtd:4.1.2
	app-text/docbook-xsl-stylesheets
	dev-libs/glib
	dev-libs/gobject-introspection-common
	dev-libs/libxslt
	dev-util/glib-utils
	dev-util/intltool
	sys-devel/gettext
	virtual/pkgconfig
	introspection? ( dev-libs/gobject-introspection )
"
DEPEND="
	dev-libs/glib:2
	dev-libs/expat
	pam? (
		sys-auth/pambase
		sys-libs/pam
	)
	!pam? ( virtual/libcrypt:= )
	systemd? ( sys-apps/systemd:0=[policykit] )
	!systemd? ( sys-auth/elogind )
"
RDEPEND="${DEPEND}
	acct-user/polkitd
	selinux? ( sec-policy/selinux-policykit )
"
PDEPEND="
	gtk? ( || (
		>=gnome-extra/polkit-gnome-0.105
		>=lxde-base/lxsession-0.5.2
	) )
	kde? ( kde-plasma/polkit-kde-agent )
"

DOCS=( docs/TODO HACKING NEWS README )

QA_MULTILIB_PATHS="
	usr/lib/polkit-1/polkit-agent-helper-1
	usr/lib/polkit-1/polkitd"

PATCHDIR="${FILESDIR}/patches"
PATCHES=(
    "${PATCHDIR}"/0.106/agenthelper-pam-Fix-newline-trimming-code.patch
    "${PATCHDIR}"/0.107/Try-harder-to-look-up-the-right-localization.patch
    "${PATCHDIR}"/0.108/build-Fix-.gir-generation-for-parallel-make.patch
    "${PATCHDIR}"/0.108/PolkitAgent-Avoid-crashing-if-initializing-the-server-obj.patch
    "${PATCHDIR}"/0.110/07_set-XAUTHORITY-environment-variable-if-unset.patch
    "${PATCHDIR}"/0.110/04_get_cwd.patch
    "${PATCHDIR}"/0.111/09_pam_environment.patch
    "${PATCHDIR}"/0.111/Add-a-FIXME-to-polkitprivate.h.patch
    "${PATCHDIR}"/0.111/Fix-a-memory-leak.patch
    "${PATCHDIR}"/0.112/00git_type_registration.patch
    "${PATCHDIR}"/0.112/08_deprecate_racy_APIs.patch
    "${PATCHDIR}"/0.112/cve-2013-4288.patch
    "${PATCHDIR}"/0.114/polkitpermission-Fix-a-memory-leak-on-authority-changes.patch
    "${PATCHDIR}"/0.113/Port-internals-non-deprecated-PolkitProcess-API-wher.patch
    "${PATCHDIR}"/0.113/pkexec-Work-around-systemd-injecting-broken-XDG_RUNT.patch
    "${PATCHDIR}"/0.113/03_PolkitAgentSession-fix-race-between-child-and-io-wat.patch
    "${PATCHDIR}"/0.113/polkitd-Fix-problem-with-removing-non-existent-sourc.patch
    "${PATCHDIR}"/0.113/PolkitSystemBusName-Add-public-API-to-retrieve-Unix-.patch
    "${PATCHDIR}"/0.113/Fixed-compilation-problem-in-the-backend.patch
    "${PATCHDIR}"/0.113/Don-t-discard-error-data-returned-by-polkit_system_b.patch
    "${PATCHDIR}"/0.113/sessionmonitor-systemd-Deduplicate-code-paths.patch
    "${PATCHDIR}"/0.113/PolkitSystemBusName-Retrieve-both-pid-and-uid.patch
    "${PATCHDIR}"/0.113/sessionmonitor-systemd-prepare-for-D-Bus-user-bus-mo.patch
    "${PATCHDIR}"/0.113/Refuse-duplicate-user-arguments-to-pkexec.patch
    "${PATCHDIR}"/0.113/00git_fix_memleak.patch
    "${PATCHDIR}"/0.113/00git_invalid_object_paths.patch
    "${PATCHDIR}"/0.113/sessionmonitor-systemd-Use-sd_uid_get_state-to-check.patch
    "${PATCHDIR}"/0.113/Fix-a-possible-NULL-dereference.patch
    "${PATCHDIR}"/0.113/Remove-a-redundant-assignment.patch
    "${PATCHDIR}"/0.113/Fix-duplicate-GError-use-when-uid-is-missing.patch
    "${PATCHDIR}"/0.113/Fix-a-crash-when-two-authentication-requests-are-in-.patch
    "${PATCHDIR}"/0.113/CVE-2015-4625-Use-unpredictable-cookie-values-keep-t.patch
    "${PATCHDIR}"/0.113/CVE-2015-4625-Bind-use-of-cookies-to-specific-uids.patch
    "${PATCHDIR}"/0.113/docs-Update-for-changes-to-uid-binding-Authenticatio.patch
    "${PATCHDIR}"/0.113/Fix-a-per-authorization-memory-leak.patch
    "${PATCHDIR}"/0.113/Fix-a-memory-leak-when-registering-an-authentication.patch
    "${PATCHDIR}"/0.113/CVE-2015-3255-Fix-GHashTable-usage.patch
    "${PATCHDIR}"/0.113/Fix-use-after-free-in-polkitagentsession.c.patch
    "${PATCHDIR}"/0.113/README-Note-to-send-security-reports-via-DBus-s-mech.patch
    "${PATCHDIR}"/0.114/Fix-multi-line-pam-text-info.patch
    "${PATCHDIR}"/0.114/Refactor-send_to_helper-usage.patch
    "${PATCHDIR}"/0.114/Add-gettext-support-for-.policy-files.patch
    "${PATCHDIR}"/0.114/gettext-switch-to-default-translate-no.patch
    "${PATCHDIR}"/0.114/Support-polkit-session-agent-running-outside-user-session.patch
    "${PATCHDIR}"/0.115/Fix-CVE-2018-1116-Trusting-client-supplied-UID.patch
    "${PATCHDIR}"/0.116/Possible-resource-leak-found-by-static-analyzer.patch
    "${PATCHDIR}"/0.116/Elaborate-message-printed-by-polkit-when-disconnecting-fr.patch
    "${PATCHDIR}"/0.116/Error-message-raised-on-every-systemctl-start-in-emergenc.patch
    "${PATCHDIR}"/0.116/Fix-a-critical-warning-on-calling-polkit_permission_new_s.patch
    "${PATCHDIR}"/0.116/Allow-negative-uids-gids-in-PolkitUnixUser-and-Group-obje.patch
    "${PATCHDIR}"/0.116/tests-add-tests-for-high-uids.patch
    "${PATCHDIR}"/0.116/backend-Compare-PolkitUnixProcess-uids-for-temporary-auth.patch
    "${PATCHDIR}"/0.116/Allow-uid-of-1-for-a-PolkitUnixProcess.patch
    "${PATCHDIR}"/0.116/pkttyagent-PolkitAgentTextListener-leaves-echo-tty-disabl.patch
    "${PATCHDIR}"/01_pam_polkit.patch
    "${PATCHDIR}"/02_gettext.patch
    "${PATCHDIR}"/05_revert-admin-identities-unix-group-wheel.patch
    "${PATCHDIR}"/06_systemd-service.patch
    "${PATCHDIR}"/10_build-against-libsystemd.patch
    "${PATCHDIR}"/Move-D-Bus-policy-file-to-usr-share-dbus-1-system.d.patch
    "${PATCHDIR}"/Statically-link-libpolkit-backend1-into-polkitd.patch
    "${PATCHDIR}"/Remove-example-null-backend.patch
    "${PATCHDIR}"/CVE-2021-3560.patch
	"${PATCHDIR}"/autoreconf.patch
)


src_configure() {
	xdg_environment_reset
	econf \
	$(use_enable systemd systemd) \
	$(use_enable introspection introspection)

}

src_install() {
	default
	if use examples ; then
		docinto examples
		dodoc src/examples/{*.c,*.policy*}
	fi

	diropts -m 0700 -o polkitd
	keepdir /usr/share/polkit-1/rules.d

	# meson does not install required files with SUID bit. See
	#  https://bugs.gentoo.org/816393
	# Remove the following lines once this has been fixed by upstream
	fperms u+s /usr/bin/pkexec
	fperms u+s /usr/libexec/polkit-agent-helper-1
	mkdir -p ${D}/lib/systemd/system/
	cp ${FILESDIR}/polkit.service ${D}/lib/systemd/system/polkit.service
}

pkg_postinst() {
	chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
	chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
}
